Who Are We

This policy is provided to you by Core Spreads Australia and describes who we are, why we need to collect your information and how we will use it. It will also tell you who we share your information with and how we use data to improve the products and service we provide to you.

Core Spreads Australia is aware of the trust you place in us when you visit our sites or utilise our products or services, and of our responsibility to protect your information.

 “We”, “Us” or “Our” in this policy refers to Core Spreads Australia and our related entities; who enable us to operate a 24-hour business from Monday to Friday,  consisting of the following companies:

  • Core Spreads Australia a trading name of Finsa Pty Limited, a company registered in Australia with company number 158065635, whose registered office is Level 36, Governor Phillip Tower, 1 Farrer Place, Sydney, NSW 2000, Australia and is authorised and regulated by the Australian Securities and Investments Commission (ASIC) registration number 422661.
  • Core Spreads a trading name of Finsa Europe Limited, a company registered in the United Kingdom with company number 07073413, whose registered office is 9th Floor, 30 Crown Place, London, EC2A 4ES and is authorised and regulated by the Financial Conduct Authority (FCA) registration number 525164.
  • Trade Nation Financial (PTY) Limited, a company registered in South Africa with a company number 2018/418755/07, whose registered office is The Mall Offices, 5th Floor, 11 Craddock Avenue, Rosebank, 2196 and is authorised and regulated by the Financial Sector Conduct Authority (FSCA) registration number 49846.

The entities above apply the same data privacy standards to protect and secure your personal data whenever they provide online Contracts for Difference (CFD), spread trading and spot forex products to retail and other customers, and act as individual data controllers of your Personal Information in relation to specific services they deliver.

Any reference to ‘you’, ‘your’, ‘yours’ or ‘yourself’ in this policy is a reference to any of our clients, potential clients or people visiting our websites as the context requires unless otherwise stated. 

What personal information do we collect

As part of providing our products and services to you, we are required by law to execute Know Your Customer (KYC) checks in order to verify your identity before we set you up as a client and we use those details to effectively manage your account with us to ensure that you get the best possible service.

If you are an actual or potential client, we may collect the following types of information about you depending on your stage in the customer journey:

  • identity data including title, first name, last name, date of birth, gender, username, account number or similar identifier;
  • contact data including billing address, residential address, email address and telephone number;
  • information about your source of income and wealth including details about your assets and liabilities, account balances, trading statements, tax and financial statements, government-issued documentation, employment and profession details;
  • technical data including application software, internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our websites or applications;
  • financial data including user id tokens from payment service providers, bank account details and payment card details;
  • profile data including your username and password, trading performance, transaction data, notes, your interests, preferences, customer feedback, survey responses, internet chats and telephone recordings;
  • usage data including information about how you use our website, products and services; and
  • marketing and communications data including your preferences in receiving marketing from us and our third parties and your communication preferences.

We obtain this information in a number of ways through your use of our services or other dealings with us including through any of our websites, account opening applications, contact forms, telephone, internet chat systems, our demo sign up forms, webinar sign up forms and information provided in the course of ongoing client service correspondence. We may also collect information about you from third parties either through customer due diligence providers, sanctions screening providers, credit reference agencies, publicly available sources or screened third party data lists.

We also keep records of your trading behaviour, including a record of:

  • suspicious transactions and orders
  • your preference for certain types of products and services
  • your financial transactions, the products you trade with us and their performance
  • historical data about the trades and investments you have made including the amount invested

We will use your Personal Information to provide you with products and services, or information about our products and services, and continuously review your ongoing needs once you open an account with us or subscribe to information resources on our sites or applications (e.g. blogs, newsletters etc.).

We also collect, use and share statistical or demographic data for many purposes (“Aggregated Data”). Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your usage data to calculate the percentage of users accessing a specific website feature. Where we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with the law and this privacy policy.

Visiting our websites and cookies

We use cookies, which are small pieces of text stored on your computer or device when you visit our websites or use our apps. Cookies help us collect standard log information in order to monitor customer traffic patterns, identify the number of visitors to areas of our site, understand how to improve our website, provide you with a more relevant and effective experience, including presenting web pages according to your needs or preferences. The information we collect is usually anonymous, i.e. does not contain personally identifiable information.

 For further information about cookies and how we use cookies, please refer to the cookie policy on our website (which is deemed to form part of this privacy policy) at Cookies Policy.

How and why we use your personal information

We only use your personal information if we have a legal reason for doing so, such as:

  • to comply with our legal and regulatory obligations;
  • for the performance of our contract with you or to take steps at your request before entering into a contract;
  • for our legitimate interests or those of a third party; or
  • where you have given consent.

A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.

The table below explains what we use your personal information for and our reasons for doing so:

 

What we use your personal information for

 

Our reasons

•    To provide products, services and support to you.

For the performance of our contract with you or to take steps at your request before entering into a contract.

•    To prevent and detect crime against you and members of the public.

For our legitimate interests or those of a third party, such as to minimise fraud that could be damaging for us and for you.

•    Conducting checks to identify our customers and verify their identity.

•    Screening for financial and other sanctions or embargoes.

•    Other processing necessary to comply with professional, legal obligations that apply to our business, e.g. under financial service regulation issued by our professional regulator.

To comply with our legal and regulatory obligations.

•    Gathering and providing information or evidence relating to audits, enquiries, legal claims, complaints or investigations by regulatory bodies.

To comply with our legal and regulatory obligations.

For our legitimate interests to defend ourselves and relevant third parties from legal claims.

•    Ensuring internal business policies are adhered to, e.g. policies covering data retention or security.

For our legitimate interests or those of a third party, i.e. to make sure we are following our own internal procedures so we can deliver the best service to you.

•    Operational reasons, such as improving efficiency, training and quality control.

For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can deliver the best service for you at the best price.

•    Ensuring the confidentiality of commercially sensitive information.

For our legitimate interests or those of a third party, i.e. to protect trade secrets and other commercially valuable information.

To comply with our legal and regulatory obligations.

•    Statistical analysis to help us manage our business, e.g. in relation to our financial performance, customer base, product range or other efficiency measures.

For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can deliver the best service for you at the best price.

•    Preventing unauthorised access and modifications to systems.

For our legitimate interests or those of a third party, i.e. to prevent and detect criminal activity that could be damaging for us and for you.

To comply with our legal and regulatory obligations

•    Updating and enhancing customer records.

For the performance of our contract with you or to take steps at your request before entering into a contract.

To comply with our legal and regulatory obligations.

For our legitimate interests or those of a third party, e.g. making sure that we can keep in touch with our customers about existing orders and new products.

•    Statutory returns.

To comply with our legal and regulatory obligations.

•    Ensuring safe working practices, staff administration and assessments.

To comply with our legal and regulatory obligations.

For our legitimate interests or those of a third party, e.g. to make sure we are following our own internal procedures and working efficiently so we can deliver the best service to you.

•    Marketing our services and those of selected third parties to:

-        existing and former customers;

-        third parties who have expressed an interest in our services;

For our legitimate interests or those of a third party, i.e. to promote our business to existing and former customers.

Your consent to us and third parties to provide you with promotional content on products, services and support.

•    Credit reference checks via external credit reference agencies

For our legitimate interests or those of a third party, i.e. to ensure our customers are likely to be able to pay for our products and services

•    External audits and quality checks, e.g. maintain our accreditation and the audit of our accounts

For our legitimate interests or a those of a third party, i.e. to maintain our accreditations so we can demonstrate we operate at the highest standards

To comply with our legal and regulatory obligations

The above table does not apply to special category personal information, which we will only process with your explicit consent.

Promotional communications

We may use your personal information to send you updates (by email, text message, telephone or post) about our products and services, including exclusive offers, promotions or new products and services.

Where consent is needed for promotional purposes, we will ask for this consent separately and clearly, however, we do not usually need your consent because we have a legitimate interest in processing your personal information (see above ‘How and why we use your personal information’).

We will always treat your personal information with the utmost respect and never sell or share it with other organisations outside our related entities for marketing purposes. Whenever we rely on your consent as our legal basis for processing your Personal Information, you have the right to withdraw that consent or opt out of receiving promotional communications at any time by:

  • contacting us via your usual means of communication or use the contact details in this policy (see below ‘How to contact us’)
  • using the ‘unsubscribe’ link in emails
  • send ‘STOP’ in response to any texts

We will usually ask you to confirm or update your marketing preferences: when we contact you, if you request information on our products and services or if there are changes in the law, regulation, or the structure of our business.

Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose, permissible by law and is in accordance with this policy.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal data without your knowledge or consent, in compliance with a regulatory obligation or permitted by law. 

Who we share your personal information with

As part of using your Personal Information for the purposes set out above, we may disclose your information to:

  • our related entities (see above ‘Who we are’)
  • third party service providers we use to help deliver our products and services to you, such as electronic identity verification agencies, specialist advisers, administrative support, IT, financial, compliance, insurance, research etc.;
  • introducers, brokers, marketing agents and those with whom we have a mutual relationship;
  • credit providers, courts, tribunals and applicable regulatory authorities as agreed or authorised by law or our agreement with you;
  • other third parties we use to help us run our business, e.g. marketing agencies or website hosts;
  • credit reporting or reference agencies;
  • trace debtors or beneficiaries, debt recovery agencies;
  • crime prevention agencies; and
  • anyone authorised by you

We only allow our service providers to handle your personal information if we are satisfied, they take appropriate measures to protect your personal information. We also impose contractual obligations on each service provider to ensure they can only use your personal information as instructed by us; to provide services to us and you.

We may share personal information with external auditors, e.g. in relation to maintaining our accreditations or audit of our accounts etc. and we may disclose and exchange information with regulatory bodies and law enforcement agencies to comply with our legal obligations and help prevent crime.

We may also need to share some personal information with other parties, such as potential buyers of some or all of our business or during a re-structuring. Usually, information will be anonymised, but this may not always be possible. The recipient of any such information will be bound by the same data privacy, confidentiality and security obligations.

Please note that the use of your Personal Information by external third parties who act as data controllers of your Personal Information is not covered by this policy and is not subject to our privacy standards and procedures.

Management of personal information

Information may be held at our offices and those of our related entities, third party agencies, service providers, representatives and agents as described above (see above: ‘Who we share your personal information with’).

To deliver a 24/5 service to you, it is sometimes necessary for us to transfer your personal information overseas, such as:

  • with our related entities based outside Australia;
  • with your and our service providers located outside Australia;
  • if you are based outside Australia;

We will, however, ensure that any such transfer complies with our obligations under the data protection laws, and that such transfer maintains the confidentiality, integrity, availability and security of your personal information. Our standard practice is to use standard data protection contract clauses that have been approved by relevant regulatory or supervisory authority.

How long your personal information will be kept

We will keep your personal information while you have an account with us, or we are providing information, products or services to you. Thereafter, we will keep your personal information for as long as is necessary:

  • to respond to any questions, complaints or claims made by you or on your behalf;
  • to show that we have acted in accordance with the law; and
  • to keep records as required by law.

We will not retain your Personal Information for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of personal information and when it is no longer necessary to retain your personal information, we will delete or anonymise it.

If you fail to provide personal information

Where we need to collect personal data by law, under the terms of a contract we have with you or are trying to enter into with you and you fail to provide that data when requested, we may not be able to perform the contract we have or in limited circumstances may only be able to provide a restricted service. In most cases, we may have to cancel the product or service you have with us, but we will notify you if this is the case at the time.

Your rights

You have the following rights:

 

Rights

 

Explanation

· Access

The right to ask us to provide you with a copy of your personal information.

· Rectification

The right to ask us to correct or update any mistakes or out-of-date personal information that we hold on you.

· Erasure

The right to ask us to delete your personal information; we will erase your information if there are no applicable laws or regulations barring us from doing so.

· Restriction of processing

The right to ask us to restrict processing of your personal information—in certain circumstances, e.g. if you contest the accuracy of the data

· Data portability

The right to receive the personal information you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations

· To object

The right to object:

-        at any time to your personal information being processed for direct marketing;

-        in certain other situations to our continued processing of your personal information, e.g. processing carried out for the purpose of our legitimate interests.

· Not to be subject to automated individual decision-making

The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you.

You can exercise these rights free of charge by contacting our customer service team using the contact details listed in this policy (see below: ‘How to contact us’). Please note that we reserve the right to charge the administrative cost of providing you with the requested information in situations where your request is excessive or unfounded, for instance where your request is repetitive, or you require multiple copies.

In situations where we have shared your personal information with third parties, we will inform them of your request to ensure that your data privacy rights are upheld by them.

Keeping your personal information secure

 Safeguarding your personal information is important to us, whether you interact with us personally, telephone, e-mail, post, over the internet or by any other electronic medium. We follow strict security procedures and protocols in connection with the storage, processing and disclosure of your information, to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We also have procedures in place to deal with any suspected or actual data security breach and will notify you and any applicable regulator of a data security breach where we are legally required to do so.

Where we share your information with a third party (which we will only do in accordance with this privacy policy), we will ensure that the security measures employed by any such third party in relation to the storage and processing of your information are at least as rigorous as those employed by us. We continually review our systems and follow best practice industry standards for information security.

Technology improvements and third-party sites

We are constantly striving to improve functionality on our websites and applications through technology changes and this may mean a change to the way in which personal information is collected or used. We will update this policy as necessary to inform you of any technology changes that affect your privacy rights.

Whilst we take appropriate technical and organisational measures to safeguard the personal information that you provide to us, we accept no liability if communications are intercepted by third parties or incorrectly delivered or not delivered from you to us.  Where possible, we recommend transferring information directly to us using the functionality provided.

Our websites may contain links to other websites operated by third parties. Our privacy policy applies only to the personal information that we collect through this website and we cannot be responsible for personal information that third parties may collect, store and use through other websites. You should always read the privacy policy of each website you visit to understand how its use may impact you.

How to contact us

If you have concerns about any aspect of our privacy practices, questions about this privacy policy, want to exercise your rights or wish to make a complaint, please contact us by:

  • phone on +61 (0)2 80 466 473;
  • email at support@corespreads.com.au; or
  • writing to Core Spread Australia Level 36, Governor Phillip Tower, 1 Farrer Place, Sydney, NSW 2000, Australia

You have the right to make a complaint at any time if you are not satisfied with our privacy practices or response to your complaint, you have the right to lodge a complaint with the Office of the Australian Information Commissioner (OAIC). You can find details about how to do this on their website at www.oaic.gov.au/ or by calling +61 1300 363 992 or emailing enquiries@oaic.gov.au . We would, however, appreciate the chance to deal with your concerns or complaints before you approach the supervisory authority so please contact us in the first instance.

Policy review and changes

This website privacy policy was last updated on the 29th May 2019.

Our privacy policy will be reviewed from time to time to take account any new obligations, technological advancements, changes to our operations or practices and to make sure it remains appropriate to the changing regulatory landscape.

We may change this privacy policy from time to time, when we do, we will inform you through your chosen or usual method of communication, including via email or highlighted banners on our website.

 

Core Spreads

Core Spreads is trading as it should be. Tight fixed spreads and razor sharp execution on thousands of markets.